<?php

$config = array(
	'baseurlpath' => 'https://{{ wiki_app_fqdn }}/simplesaml/',

	'application' => [ 'baseURL' => 'https://{{ wiki_app_fqdn }}' ],

	'certdir' => 'cert/',
	'loggingdir' => 'log/',
	'datadir' => 'data/',
	'tempdir' => '/tmp/simplesaml',

	'technicalcontact_name' => '{{ saml_public.technicalcontact_name }}',
	'technicalcontact_email' => '{{ saml_public.technicalcontact_email }}',

	'timezone' => null,

	'secretsalt' => '{{ saml_secret.salt }}',

	'auth.adminpassword' => '{{ saml_secret.adminpassword }}',

	'admin.protectindexpage' => false,
	'admin.protectmetadata' => false,

	'admin.checkforupdates' => true,

	'trusted.url.domains' => array(),

	'trusted.url.regex' => false,

	'enable.http_post' => false,

	'debug' => array(
		'saml' => false,
		'backtraces' => true,
		'validatexml' => false,
	),

	'showerrors' => true,
	'errorreporting' => true,

	'logging.level' => SimpleSAML\Logger::NOTICE,
	'logging.handler' => 'syslog',
	'logging.facility' => defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER,
	'logging.processname' => 'simplesamlphp',
	'logging.logfile' => 'simplesamlphp.log',
	'statistics.out' => array(),

	'proxy' => null,
	'proxy.auth' => false,
	'database.dsn' => 'mysql:host=localhost;dbname=saml',
	'database.username' => 'simplesamlphp',
	'database.password' => 'secret',
	'database.prefix' => '',
	'database.persistent' => false,
	'database.slaves' => array(),

	'enable.saml20-idp' => false,
	'enable.shib13-idp' => false,
	'enable.adfs-idp' => false,
	'enable.wsfed-sp' => false,
	'enable.authmemcookie' => false,

	'default-wsfed-idp' => 'urn:federation:pingfederate:localhost',
	'shib13.signresponse' => true,

	# This should be _less_ than memcache_store.expires. See below.
	'session.duration' => {{ session_duration_hours }} * (60 * 60),

	'session.datastore.timeout' => (4 * 60 * 60), // 4 hours
	'session.state.timeout' => (60 * 60), // 1 hour
	'session.cookie.name' => 'SimpleSAMLSessionID',
	'session.cookie.lifetime' => 0,
	'session.cookie.path' => '/',
	'session.cookie.domain' => '{{ wiki_app_fqdn }}',
	'session.cookie.secure' => false,
	'session.phpsession.cookiename' => null,
	'session.phpsession.savepath' => null,
	'session.phpsession.httponly' => true,
	'session.authtoken.cookiename' => 'SimpleSAMLAuthToken',
	'session.rememberme.enable' => false,
	'session.rememberme.checked' => false,
	'session.rememberme.lifetime' => (14 * 86400),


	'memcache_store.servers' => array(
		array(
			{% for server in groups['memcached_servers'] -%}
			{%- if server == inventory_hostname -%}
			array('hostname' => '127.0.0.1'),
			{%- else -%}
			array('hostname' => '{{ server }}'),
			{%- endif -%}
			{%- endfor %}
		),
	),
	'memcache_store.prefix' => 'simpleSAMLphp',

	# This value should always be larger than the 'session.duration'
	# option. Not doing this may result in the session being deleted from
	# the memcache servers while it is still in use.
	'memcache_store.expires' => {{ memcache_session_store_hours }} * (60 * 60),


	'language.available' => array(
		'en', 'no', 'nn', 'se', 'da', 'de', 'sv', 'fi', 'es', 'fr', 'it', 'nl', 'lb', 'cs',
		'sl', 'lt', 'hr', 'hu', 'pl', 'pt', 'pt-br', 'tr', 'ja', 'zh', 'zh-tw', 'ru', 'et',
		'he', 'id', 'sr', 'lv', 'ro', 'eu', 'el', 'af'
	),
	'language.rtl' => array('ar', 'dv', 'fa', 'ur', 'he'),
	'language.default' => 'en',
	'language.parameter.name' => 'language',
	'language.parameter.setcookie' => true,
	'language.cookie.name' => 'language',
	'language.cookie.domain' => null,
	'language.cookie.path' => '/',
	'language.cookie.secure' => false,
	'language.cookie.httponly' => false,
	'language.cookie.lifetime' => (60 * 60 * 24 * 900),
	'language.i18n.backend' => 'SimpleSAMLphp',


	'attributes.extradictionary' => null,
	'theme.use' => 'default',
	'template.auto_reload' => true,
	'idpdisco.enableremember' => true,
	'idpdisco.rememberchecked' => true,
	'idpdisco.validate' => true,
	'idpdisco.extDiscoveryStorage' => null,
	'idpdisco.layout' => 'dropdown',

	'authproc.idp' => array(
		30 => 'core:LanguageAdaptor',
		45 => array(
			'class'		 => 'core:StatisticsWithAttribute',
			'attributename' => 'realm',
			'type'		  => 'saml20-idp-SSO',
		),
		50 => 'core:AttributeLimit',
		99 => 'core:LanguageAdaptor',
	),
	'authproc.sp' => array(
		90 => 'core:LanguageAdaptor',
	),


	'metadata.sources' => array(
		array('type' => 'flatfile'),
	),
	'metadata.sign.enable' => false,
	'metadata.sign.privatekey' => null,
	'metadata.sign.privatekey_pass' => null,
	'metadata.sign.certificate' => null,


	'store.type'					=> 'memcache',
	'store.sql.dsn'				 => 'sqlite:/path/to/sqlitedatabase.sq3',
	'store.sql.username' => null,
	'store.sql.password' => null,
	'store.sql.prefix' => 'SimpleSAMLphp',
);

